nfc-mfclassic: detect 2K MFP via RATS
Philippe Teuwen
11 years ago
| 260 | 260 | return true; |
| 261 | 261 | } |
| 262 | 262 | |
| 263 | static int | |
| 264 | get_rats(void) | |
| 265 | { | |
| 266 | int res; | |
| 267 | uint8_t abtRats[2] = { 0xe0, 0x50}; | |
| 268 | // Use raw send/receive methods | |
| 269 | if (nfc_device_set_property_bool(pnd, NP_EASY_FRAMING, false) < 0) { | |
| 270 | nfc_perror(pnd, "nfc_configure"); | |
| 271 | return -1; | |
| 272 | } | |
| 273 | res = nfc_initiator_transceive_bytes(pnd, abtRats, sizeof(abtRats), abtRx, sizeof(abtRx), 0); | |
| 274 | if (res > 0) { | |
| 275 | // ISO14443-4 card, turn RF field off/on to access ISO14443-3 again | |
| 276 | nfc_device_set_property_bool(pnd, NP_ACTIVATE_FIELD, false); | |
| 277 | nfc_device_set_property_bool(pnd, NP_ACTIVATE_FIELD, true); | |
| 278 | } | |
| 279 | // Reselect tag | |
| 280 | if (nfc_initiator_select_passive_target(pnd, nmMifare, NULL, 0, &nt) <= 0) { | |
| 281 | printf("Error: tag disappeared\n"); | |
| 282 | nfc_close(pnd); | |
| 283 | nfc_exit(context); | |
| 284 | exit(EXIT_FAILURE); | |
| 285 | } | |
| 286 | return res; | |
| 287 | } | |
| 288 | ||
| 263 | 289 | static bool |
| 264 | 290 | read_card(int read_unlocked) |
| 265 | 291 | { |
| 557 | 583 | // 320b |
| 558 | 584 | uiBlocks = 0x13; |
| 559 | 585 | else |
| 560 | // 1K | |
| 561 | // TODO: for MFP it is 0x7f (2K) but how to be sure it's a MFP? Try to get RATS? | |
| 586 | // 1K/2K, checked through RATS | |
| 562 | 587 | uiBlocks = 0x3f; |
| 588 | // Testing RATS | |
| 589 | int res; | |
| 590 | if ((res = get_rats()) > 0) { | |
| 591 | if ((res >= 10) && (abtRx[5] == 0xc1) && (abtRx[6] == 0x05) | |
| 592 | && (abtRx[7] == 0x2f) && (abtRx[8] == 0x2f) | |
| 593 | && ((nt.nti.nai.abtAtqa[1] & 0x02) == 0x00)) { | |
| 594 | // MIFARE Plus 2K | |
| 595 | uiBlocks = 0x7f; | |
| 596 | } | |
| 597 | } | |
| 563 | 598 | printf("Guessing size: seems to be a %i-byte card\n", (uiBlocks + 1) * 16); |
| 564 | 599 | |
| 565 | 600 | if (bUseKeyFile) { |